Scripts written during Off by One Security stream

offbyonesec-sync-binja.py

#
# Port to binary ninja of the script written during the Off-by-One Security stream 
# (https://youtu.be/FnIQTL9w-Ow) to synchronize GEF with Binary Ninja
# Requires `rpyc` and `pygments`
#
# In IDA, first download and load https://gist.githubusercontent.com/hugsy/714e0038d5d0b1deb7fad1907928252f/raw/87bd608a859c1699f9fc2fb556394d618747bdc8/binja_rpyc_snippet.py
#
# @_hugsy_
#
import rpyc

from pygments import highlight
from pygments.lexers import CLexer
from pygments.formatters import Terminal256Formatter

IDA_RPYC_ADDRESS = "192.168.57.2" # Change here with your own
IDA_RPYC_PORT = 18812

@register
class BinjaCommand(GenericCommand):
    """Synchronize Binary Ninja with GEF."""
    _cmdline_ = "sync"
    _syntax_  = f"{_cmdline_}"

    def __init__(self, *args, **kwargs):
        super().__init__(prefix=False)
        self.__conn = rpyc.connect(IDA_RPYC_ADDRESS, IDA_RPYC_PORT)
        self.bv = self.__conn.root.bv
        ok(f"Connected with {self.__conn}")

    @only_if_gdb_running
    @parse_arguments({}, {"--decompile": False})
    def do_invoke(self, argv, **kwargs):
        args = kwargs["arguments"]
        pc = gef.arch.pc
        info(f"Synchronizing at {pc=:#x}")
        self.bv.navigate( self.bv.view, pc)
        if args.decompile:
            func = self.bv.get_functions_containing(pc)[0]
            buffer = "\n".join(str(i) for i in func.hlil.instructions)
            formatted_code = highlight( buffer, CLexer(), Terminal256Formatter())
            gef_print(formatted_code)                

gef_on_stop_hook(lambda _: gdb.execute("sync"))
register_external_context_pane("decompiler", lambda: gdb.execute("sync --decompile"), lambda: "decompiler")

offbyonesec-sync-ida.py

#
# Script written during the Off-by-One Security stream (https://youtu.be/FnIQTL9w-Ow) to synchronize GEF 
# with IDA
# Requires `rpyc` and `pygments`
#
# In IDA, first download and load https://github.com/hugsy/ida-headless/blob/master/ida_rpyc_server.py
#
# @_hugsy_
#
import rpyc

from pygments import highlight
from pygments.lexers import CLexer
from pygments.formatters import Terminal256Formatter

IDA_RPYC_ADDRESS = "192.168.57.2" # Change here with your own
IDA_RPYC_PORT = 18812

@register
class IdaSyncCommand(GenericCommand):
    """Synchronize IDA with GEF."""
    _cmdline_ = "sync"
    _syntax_  = f"{_cmdline_}"

    def __init__(self, *args, **kwargs):
        super().__init__(prefix=False)
        self.__conn = rpyc.connect(IDA_RPYC_ADDRESS, IDA_RPYC_PORT)
        self.idaapi = self.__conn.root.idaapi
        self.idc = self.__conn.root.idc
        self.ida_hexrays = self.__conn.root.ida_hexrays
        ok(f"Connected with {self.__conn}")

    @only_if_gdb_running
    @parse_arguments({}, {"--decompile": False})
    def do_invoke(self, argv, **kwargs):
        args = kwargs["arguments"]
        pc = gef.arch.pc
        info(f"Synchronizing at {pc=:#x}")
        self.idaapi.jumpto( pc )
        if args.decompile:
            func = self.ida_hexrays.decompile(pc)
            formatted_code = highlight( str(func), CLexer(), Terminal256Formatter())
            gef_print(formatted_code)

gef_on_stop_hook(lambda _: gdb.execute("sync"))
register_external_context_pane("decompiler", lambda: gdb.execute("sync --decompile"), lambda: "decompiler")